In our blog yesterday we talked about the security breach at Target that resulted in the release of 110 million credit card accounts. It’s probably safe to say that a good number of these accounts will be duplicates, but in spite of that, the idea that what could be as much as 40% of American shoppers losing control over their credit accounts, is simply terrifying. We shop at Target and you probably do, too. A lot of Americans have a Target store just a short drive away from them.
The reason we decided to write this multi-part blog is to respond to the questions several of our customers had about the safety of financial transactions with our store.
It should not be a big secret or a surprise that our credit card vendor is PayPal. PayPal formed in 1998 and had an immediate success as an on-line credit card payment processor. It very quickly captured a large part of the eBay transaction market and in 2002 eBay chose to acquire PayPal in order to capture additional revenue from the transactions on their own website.
PayPal has been nothing short of a blockbuster phenomenon. In 2012, the latest year for which records have been published, PayPal’s payment volume processing was a staggering $145 billion, almost $4,600 transacted every second! That’s a lot of money flying through cyberspace. How do they keep it safe? To get an answer to this, we sat down with the PayPal Customer Solutions team.
The first step here to explain how our transactions happen. The majority of our transactions happen on-line. Customers come to our website, select the items they want and when they are ready to pay, the shopping cart is sent to PayPal. Then the payment is between the customer and PayPal. When the transaction is completed, PayPal returns to us an indication that the contents of the cart have been paid for and gives us an address to ship the purchase to. The money is kept on account at PayPal, which also serves as a bank. Other than a name, an e-mail and a shipping address, we receive no personal or financial information regarding our customers.
The other way we process payments is in person. When a customer hands over a credit card, it is run through a reader which uses a Virtual Private Network to send the information to PayPal. The VPN is hosted by Verizon when we are traveling and Comcast when we are at home. A Virtual Private Network is an encrypted “tunnel” that uses digital encryption, making security tougher than guessing the numbers for this weekend’s PowerBall.
Once a connection with PayPal’s computers is established, an additional 128-bit security key is used to create a Secure Socket Layer, creating a security envelope within the original secure tunnel. If you are making a payment from your own computer, PayPal will check to make sure that your browser is capable of SSL 3.0 or better encryption before allowing the transaction to occur. Older browsers are not allowed to send financial information.
No matter which way you go, a Snaggy diMe does not store your financial information. Most of the time we don’t even see it or know which method you chose to pay. Credit cards, debit cards and electronic checks all look the same to us. All of this information is managed behind the scenes by PayPal.
PayPal’s servers sit in a secure facility which is guarded both physically and electronically. The machines themselves sit behind a series of firewall servers, effectively keeping them off the internet with no possibility of direct internet access. Additionally, PayPal uses a host of scanning algorithms that are constantly evaluating and testing their network. And there are specially designed anti-fraud algorithms, similar to those used by credit card companies, working to identify transaction risks. If there are any concerns, PayPal’s account specialists will place a call to the initiator of the transaction to confirm that they did indeed authorize the payment.
We spent a long time looking at on-line payment options in 2005 and we are happy to say that after this additional research, we remain very comfortable with the vendor that we selected. Tomorrow we will continue this series by talking about basic credit card safety.
[whohit]2014-01-21 Credit Cards 2 – PayPal’s Security[/whohit]
Pingback: Credit Cards, part 5 - The History of the Card | a Snaggy diMe Blog
Pingback: Credit Cards, part 1 - Safe, Like Target | a Snaggy diMe Blog